Debian: Debian Linux Security Vulnerabilities
In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.
CVSS Score
5.8
EPSS Score
0.006
Published
2019-12-16
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).
CVSS Score
7.5
EPSS Score
0.005
Published
2019-12-16
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c.
CVSS Score
6.5
EPSS Score
0.013
Published
2019-12-16
python-requests-Kerberos through 0.5 does not handle mutual authentication.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-12-15
ZF2014-03 has a potential cross-site scripting vector in multiple view helpers.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-12-15
ImageMagick 6.8.9.6 has a remote DoS via an infinite loop.
CVSS Score
6.5
EPSS Score
0.01
Published
2019-12-15
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
CVSS Score
5.5
EPSS Score
0.005
Published
2019-12-15
duplicity 0.6.24 has improper verification of SSL certificates.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-12-13
Pen 0.18.0 has insecure temporary file creation vulnerabilities.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-12-13
mcollective has a default password set at install.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-12-13

